In our most recent reporting period (October 1 to December 31, 2016), the OIPC received 52 privacy breach reports from 21 public bodies under the ATIPPA, 2015. This is up from the 41 reports from 15 public bodies received in the second quarter of 2016/2017. The two intentional breaches in this period involved inappropriate/unauthorized access to a database.

Privacy breach reports to the Commissioner are used primarily to allow the OIPC to advise public bodies about the breach response process, to discuss ways to avoid similar breaches and also to target specific issues or public bodies for privacy training. If you want the OIPC to deliver training regarding privacy breaches, or any other topic relating to access or privacy, contact our Office to arrange a time.